NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 38: Line 38:
|| draft
|| draft
|-
|-
| '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br>
| '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ]
[http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ]<br>
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Random_Number_Generator RNG]
[http://wiki.mozilla.org/VE_07#VE.07.12.01 VE.07.12.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt RNG]
|| draft
|-
| '''Random number generator test'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]
||
|| draft
|| draft
|-
|-

Revision as of 23:18, 28 July 2006

This is a draft document

Document Description

DTR Section

Assessment

Status

Specification of all aspects of key management;
key material, key generation, key establishment, key entry and output, key storage, key zeroization, and key archiving.

VE.07.01.01
VE.07.13.01
through
VE.07.17.01
VE.07.19.01
VE.07.24.01
VE.07.39.01
VE.07.40.01
VE.07.41.01
VE.07.42.01

Key Management draft
Description of key protection

VE.07.02.01
VE.07.03.01

Key Management draft
Proof of FIPS approved key generation -
Provide a validation certificate from a NIST- accredited laboratory.

VE.07.11.01

Key Generation draft
Random number generator description VE.07.08.01
VE.07.09.01
VE.07.10.01 		RNG draft
Proof/affirmation that key establishment is FIPS approved -
Provide documentation stating that the key establishment technique is FIPS-approved. 		VE.07.17.01 The following FIPS Approved key establishment techniques listed in Annex D to FIPS PUB 140-2 are used: Diffie-Hellman (key agreement) and Key Wrapping using RSA keys. draft
Documentation of means to ensure entity association of stored keys

VE.07.13.01

Entity Association Assurance draft
Output of intermediate key generation values

VE.07.15.01
VE.07.15.02

No intermediate key generation values are output from the cryptographic module upon completion of the key generation process. draft
Key generation methods employed by the cryptographic module

VE.07.16.01

draft
Key entry and output methods

VE.07.27.01
VE.07.28.01

N/A. Neither manual nor electronic key entry and output methods are employed by the cryptographic module. draft
Manual key entry test

VE.09.40.01
VE.09.40.02

N/A. Manual key entry and output methods are not employed by the cryptographic module. draft
Key generation

VE.07.18.01
VE.07.21.01
VE.07.23.01
VE.07.25.01
VE.07.29.01

(N/A) draft

Return to: NSSCryptoModuleSpec

Retrieved from "https://wiki.allizom.org/index.php?title=NSSCryptoModuleSpec/Section_7:_Cryptographic_Key_Management&oldid=30117"